Commit 101bee64 authored by johan's avatar johan

Remove direct dependency to polarssl, move to bctoolbox

- TLS support is now mandatory
- polarssl v1.2 support dropped
parent e79a99aa
......@@ -38,7 +38,6 @@ option(ENABLE_RTP_MAP_ALWAYS_IN_SDP "Always include rtpmap in SDP." OFF)
option(ENABLE_SERVER_SOCKETS "Enable server sockets" ON)
option(ENABLE_STATIC "Build static library (default is shared library)." OFF)
option(ENABLE_STRICT "Build with strict compile options." YES)
option(ENABLE_TLS "Enable TLS support" ON)
option(ENABLE_TUNNEL "Enable tunnel support" OFF)
option(ENABLE_TESTS "Enable compilation of tests" ON)
......@@ -99,12 +98,9 @@ cmake_pop_check_state()
if(ENABLE_RTP_MAP_ALWAYS_IN_SDP)
set(BELLE_SDP_FORCE_RTP_MAP 1)
endif()
if(ENABLE_TLS)
find_package(PolarSSL REQUIRED)
if(POLARSSL_FOUND)
set(HAVE_POLARSSL 1)
endif()
endif()
find_package(BcToolBox REQUIRED)
if(ENABLE_TUNNEL)
if(LINPHONE_BUILDER_GROUP_EXTERNAL_SOURCE_PATH_BUILDERS)
include("${EP_tunnel_CONFIG_DIR}/TunnelConfig.cmake")
......@@ -140,13 +136,11 @@ set(libdir ${prefix}/lib)
set(includedir ${prefix}/include)
get_filename_component(antlr3c_library_path "${ANTLR3C_LIBRARIES}" PATH)
set(LIBS_PRIVATE "-L${antlr3c_library_path} -lantlr3c")
get_filename_component(bctoolbox_library_path "${BCTOOLBOX_LIBRARIES}" PATH)
set(LIBS_PRIVATE "${LIBS_PRIVATE} -L${bctoolbox_library_path} -lbctoolbox")
if(CUNIT_FOUND)
set(REQUIRES_PRIVATE "${REQUIRES_PRIVATE} cunit")
endif()
if(HAVE_POLARSSL)
get_filename_component(polarssl_library_path "${POLARSSL_LIBRARIES}" PATH)
set(LIBS_PRIVATE "${LIBS_PRIVATE} -L${polarssl_library_path} -lpolarssl")
endif()
if(HAVE_LIBDL)
set(LIBS_PRIVATE "${LIBS_PRIVATE} -ldl")
endif()
......@@ -162,7 +156,7 @@ include_directories(
src
${CMAKE_CURRENT_BINARY_DIR}
${CMAKE_CURRENT_BINARY_DIR}/src
${POLARSSL_INCLUDE_DIRS}
${BCTOOLBOX_INCLUDE_DIRS}
)
if(TUNNEL_FOUND)
include_directories(${TUNNEL_INCLUDE_DIRS})
......
......@@ -37,9 +37,6 @@
#cmakedefine HAVE_ANTLR3_H
#cmakedefine HAVE_ANTLR_STRING_STREAM_NEW
#cmakedefine HAVE_POLARSSL_SSL_H
#cmakedefine HAVE_POLARSSL
#cmakedefine HAVE_CUNIT_CUNIT_H
#cmakedefine HAVE_CU_CURSES
#cmakedefine HAVE_CU_GET_SUITE
......
......@@ -23,6 +23,9 @@
set(INCLUDES ${ANTLR3C_INCLUDE_DIRS})
set(LIBS ${ANTLR3C_LIBRARIES})
list(APPEND INCLUDES ${BCTOOLBOX_INCLUDE_DIR})
list(APPEND LIBS ${BCTOOLBOX_LIBRARIES})
if(Threads_FOUND)
if(CMAKE_USE_PTHREADS_INIT AND NOT CMAKE_SYSTEM_NAME MATCHES "QNX")
list(APPEND LIBS pthread)
......@@ -67,15 +70,6 @@ add_custom_command(
set_source_files_properties(${SDP_GENERATED_SOURCE_FILES_C} ${SIP_MESSAGE_GENERATED_SOURCE_FILES_C} PROPERTIES GENERATED TRUE)
if(ENABLE_TLS)
set(TLS_SOURCE_FILES_C
transports/tls_listeningpoint_polarssl.c
transports/tls_channel_polarssl.c
)
list(APPEND INCLUDES ${POLARSSL_INCLUDE_DIR})
list(APPEND LIBS ${POLARSSL_LIBRARIES})
endif()
if(ENABLE_TUNNEL)
set(TUNNEL_SOURCE_FILES_C
transports/tunnel_listeningpoint.c
......@@ -134,11 +128,12 @@ set(BELLE_SIP_SOURCE_FILES_C
transports/stream_listeningpoint.c
transports/udp_channel.c
transports/udp_listeningpoint.c
transports/tls_listeningpoint.c
transports/tls_channel.c
grammars/belle_sip_message.g
grammars/belle_sdp.g
${SDP_GENERATED_SOURCE_FILES_C}
${SIP_MESSAGE_GENERATED_SOURCE_FILES_C}
${TLS_SOURCE_FILES_C}
${TUNNEL_SOURCE_FILES_C}
)
set(BELLE_SIP_SOURCE_FILES_CXX
......
......@@ -425,12 +425,10 @@ int belle_http_provider_send_request(belle_http_provider_t *obj, belle_http_requ
if (!chan){
if (strcasecmp(hop->transport,"tcp")==0){
chan=belle_sip_stream_channel_new_client(obj->stack,obj->bind_ip,0,hop->cname,hop->host,hop->port);
}
#ifdef HAVE_POLARSSL
else if (strcasecmp(hop->transport,"tls")==0){
} else if (strcasecmp(hop->transport,"tls")==0){
chan=belle_sip_channel_new_tls(obj->stack,obj->verify_ctx,obj->bind_ip,0,hop->cname,hop->host,hop->port);
}
#endif
if (!chan){
belle_sip_error("%s: cannot create channel for [%s:%s:%i]", __FUNCTION__, hop->transport, hop->cname,
hop->port);
......
......@@ -18,10 +18,6 @@
#include "belle_sip_internal.h"
#ifdef HAVE_POLARSSL
#include <polarssl/ssl.h>
static void belle_sip_tls_listening_point_uninit(belle_sip_tls_listening_point_t *lp){
belle_sip_object_unref(lp->verify_ctx);
}
......@@ -56,7 +52,7 @@ static int on_new_connection(void *userdata, unsigned int revents){
socklen_t slen=sizeof(addr);
belle_sip_tls_listening_point_t *lp=(belle_sip_tls_listening_point_t*)userdata;
belle_sip_stream_listening_point_t *super=(belle_sip_stream_listening_point_t*)lp;
child=accept(super->server_sock,(struct sockaddr*)&addr,&slen);
if (child==(belle_sip_socket_t)-1){
belle_sip_error("Listening point [%p] accept() failed on TLS server socket: %s",lp,belle_sip_get_socket_error_string());
......@@ -77,7 +73,7 @@ belle_sip_listening_point_t * belle_sip_tls_listening_point_new(belle_sip_stack_
#else
belle_sip_stream_listening_point_init((belle_sip_stream_listening_point_t*)lp,s,ipaddress,port);
#endif /* ENABLE_SERVER_SOCKETS */
lp->verify_ctx=belle_tls_verify_policy_new();
return BELLE_SIP_LISTENING_POINT(lp);
......@@ -100,24 +96,3 @@ int belle_sip_tls_listening_point_set_verify_policy(belle_sip_tls_listening_poin
int belle_sip_tls_listening_point_available(void){
return TRUE;
}
#else
belle_sip_listening_point_t * belle_sip_tls_listening_point_new(belle_sip_stack_t *s, const char *ipaddress, int port){
return NULL;
}
int belle_sip_tls_listening_point_set_root_ca(belle_sip_tls_listening_point_t *s, const char *path){
return -1;
}
int belle_sip_tls_listening_point_set_verify_exceptions(belle_sip_tls_listening_point_t *s, int value){
return -1;
}
int belle_sip_tls_listening_point_available(void){
return FALSE;
}
#endif
......@@ -24,11 +24,6 @@
#include "belle-sip/auth-helper.h"
#include "belle_sip_tester.h"
#ifdef HAVE_POLARSSL
#include <polarssl/version.h>
#endif
static void test_authentication(void) {
const char* l_raw_header = "WWW-Authenticate: Digest "
"algorithm=MD5, realm=\"sip.linphone.org\", opaque=\"1bc7f9097684320\","
......@@ -84,8 +79,6 @@ static void test_proxy_authentication(void) {
#define TEMPORARY_CERTIFICATE_DIR "/belle_sip_tester_crt"
static void test_generate_and_parse_certificates(void) {
#ifdef HAVE_POLARSSL
#if POLARSSL_VERSION_NUMBER >= 0x01030000
belle_sip_certificates_chain_t *certificate, *parsed_certificate;
belle_sip_signing_key_t *key, *parsed_key;
char *pem_certificate, *pem_parsed_certificate, *pem_key, *pem_parsed_key;
......@@ -95,6 +88,8 @@ static void test_generate_and_parse_certificates(void) {
/* create 2 certificates in the temporary certificate directory (TODO : set the directory in a absolute path?? where?)*/
ret = belle_sip_generate_self_signed_certificate(belle_sip_certificate_temporary_dir, "test_certificate1", &certificate, &key);
BC_ASSERT_EQUAL_FATAL(0, ret, int, "%d");
belle_sip_object_unref(certificate);
belle_sip_object_unref(key);
ret = belle_sip_generate_self_signed_certificate(belle_sip_certificate_temporary_dir, "test_certificate2", &certificate, &key);
BC_ASSERT_EQUAL_FATAL(0, ret, int, "%d");
......@@ -125,8 +120,6 @@ static void test_generate_and_parse_certificates(void) {
belle_sip_object_unref(parsed_certificate);
belle_sip_object_unref(key);
belle_sip_object_unref(parsed_key);
#endif /* POLARSSL_VERSION_NUMBER >= 0x01030000 */
#endif /* HAVE_POLARSSL */
}
......@@ -159,8 +152,6 @@ const char* belle_sip_tester_fingerprint256_cert_fingerprint =
"SHA-256 A0:98:2D:3E:68:F3:14:8D:ED:50:40:DB:ED:A4:28:BC:1E:1A:6A:05:59:9E:69:3F:02:E2:F8:22:BF:4C:92:14";
static void test_certificate_fingerprint(void) {
#ifdef HAVE_POLARSSL
#if POLARSSL_VERSION_NUMBER >= 0x01030000
char *fingerprint;
/* parse certificate defined in belle_sip_register_tester.c */
belle_sip_certificates_chain_t* cert = belle_sip_certificates_chain_parse(belle_sip_tester_client_cert,strlen(belle_sip_tester_client_cert),BELLE_SIP_CERTIFICATE_RAW_FORMAT_PEM);
......@@ -183,9 +174,6 @@ static void test_certificate_fingerprint(void) {
belle_sip_free(fingerprint);
belle_sip_object_unref(cert);
#endif /* POLARSSL_VERSION_NUMBER >= 0x01030000 */
#endif /* HAVE_POLARSSL */
}
test_t authentication_helper_tests[] = {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment